Bosch Rexroth ctrlX SAFETY Applications Manual Download Page 1

Page: 1 / 72

ctrlX SAFETY

"Safe Torque Off" Safety Option

in ctrlX DRIVE

Application Manual
R911383774

Edition 03

Summary of Contents for Rexroth ctrlX SAFETY

Page 1: ...ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Application Manual R911383774 Edition 03 ...

Page 2: ...tions of this documentation on page 1 Copyright Bosch Rexroth AG 2020 All rights reserved also regarding any disposal exploitation reproduction editing distribution as well as in the event of applications for industrial property rights Liability The specified data is intended for product description purposes only and shall not be deemed to be a guaranteed characteristic unless expressly stipulated...

Page 3: ...ng 11 3 3 5 Protection against contact with hot parts 12 3 3 6 Protection during handling and mounting 12 3 3 7 Battery safety 12 3 3 8 Protection against pressurized systems 13 3 4 Explanation of signal words and the Safety alert symbol 14 4 System overview 15 4 1 Introduction 15 4 1 1 Motivation and objectives 15 4 1 2 Conceptual overview 16 4 1 3 Risk assessment 16 4 2 Product presentation 17 4...

Page 4: ...e setup 37 8 Commissioning the safety technology 39 8 1 Safety instruction 39 8 2 Prerequisites for using integrated safety technology 39 8 2 1 General information 39 8 2 2 Required drive firmware 39 8 2 3 Required controller configuration 40 8 2 4 Required motors and measuring systems 41 8 2 5 Required commissioning tools 41 8 3 Checks before initial commissioning 41 8 4 Commissioning procedure 4...

Page 5: ...ioning drive components 51 11 Declaration of conformity 53 12 Project planning 55 12 1 Interfaces relevant to safety technology 55 12 1 1 XG41 safety technology Safe Torque Off 55 12 2 Technical data of inputs and outputs 55 12 2 1 Digital inputs safety technology 55 12 2 2 Digital outputs safety technology 56 13 Service and support 59 Index 61 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX D...

Page 6: ...IV ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 7: ... safety with parked axis in P 0 3210 Safety technology configuration Tab 1 2 Conventions of notation Helpful information and tips are highlighted in the text A symbol tells you what kind of information is used in the text This box contains important information that should be taken into consideration This symbol highlights useful tips and tricks Signal words in accordance with ANSI Z535 6 2011 dra...

Page 8: ...ages are documented in the Description of diagnostic messages also called Troubleshooting guide For an overview of reference documentations please refer to Documentations Your Feedback Your experience is important for our improvement processes of products and documentations If you discover mistakes in this documentation or suggest changes you can send your feedback to the following e mail address ...

Page 9: ...ructural modifications It is not permitted to decompile software products or alter their source codes Do not install damaged or faulty products or put them into operation Make sure that the products have been installed as described in the relevant documentation 2 1 2 Areas of use and application Drive controllers by Rexroth are designed to control electric motors and monitor their operation Contro...

Page 10: ...ve controllers outside of the operating conditions technical data and specifications described in this documentation Drive controllers must not be used if they are exposed to operating conditions that do not meet the specified ambient conditions This includes for example operation under water under extreme temperature fluctuations or extreme maximum temperatures Furthermore Drive controllers may n...

Page 11: ...s and cables Installation An installation consists of several devices or systems interconnected for a defined purpose and on a defined site which however are not intended to be placed on the market as a single functional unit Machine A machine is the entirety of interconnected parts or units at least one of which is movable Thus a machine consists of the appropriate machine drive elements as well ...

Page 12: ...sible for the safe operation of the components If the component is resold rented and or passed on to others in any other form these safety instructions must be delivered with the component in the official language of the user s country Improper use of these components failure to follow the safety instructions in this document or tampering with the product including disabling of safety devices coul...

Page 13: ...quired measures modifications and complements Commissioning of the delivered components is only allowed once it is sure that the machine or installation in which the components are installed complies with the national regulations safety specifications and standards of the application Operation is only allowed if the national EMC regulations for the application are met The instructions for installa...

Page 14: ...s voltage High electrical voltage Danger to life risk of injury by electric shock or serious injury Only qualified persons are allowed to operate maintain and or repair the components of the electric drive and control system Follow the general installation and safety regulations when working on power installations Before switching on the equipment grounding conductor must have been permanently con...

Page 15: ... components of the electric drive and control system permanently to the main power supply at all times The leakage current is greater than 3 5 mA Establish an equipment grounding connection with a minimum cross section according to the table below With an outer conductor cross section smaller than 10 mm2 8 AWG the alternative connection of two equipment grounding conductors is allowed each having ...

Page 16: ...ter equipment is switched on or even after an unspecified time of trouble free operation The monitoring functions in the components of the electric drive and control system will normally be sufficient to avoid malfunction in the connected drives Regarding personal safety especially the danger of injury and or property damage this alone cannot be relied upon to ensure complete safety Until the inte...

Page 17: ...ent to guarantee personal safety Disconnect electrical power to the components of the electric drive and control system using the master switch and secure them from reconnection lock out for Maintenance and repair work Cleaning of equipment Long periods of discontinued equipment use Prevent the operation of high frequency remote control and radio equipment near components of the electric drive and...

Page 18: ...work at hot surfaces For certain applications and in accordance with the respective safety regulations the manufacturer of the machine or installation must take measures to avoid injuries caused by burns in the final application These measures can be for example Warnings at the machine or installation guards shieldings or barriers or safety instructions in the application documentation 3 3 6 Prote...

Page 19: ...n be partially supplied with externally fed pressurized media such as compressed air hydraulics oil cooling liquids and cooling lubricants Improper handling of the connected supply systems supply lines or connections can cause injuries or property damage Risk of injury by improper handling of pressurized lines Do not attempt to disconnect open or cut pressurized lines risk of explosion Observe the...

Page 20: ...h precedes the signal words DANGER WARNING and CAUTION is used to alert the reader to personal injury hazards DANGER In case of non compliance with this safety instruction death or serious injury will occur WARNING In case of non compliance with this safety instruction death or serious injury could occur CAUTION In case of non compliance with this safety instruction minor or moderate injury could ...

Page 21: ...ds More system performance Less system costs Easy understanding of complex subjects Improved diagnostics Simplified certification Easy commissioning Independent of control units Comparison with conventional safety technology A drive and control system with integrated safety technology differs from systems with conventional safety technology by the fact that the safety functions are directly integr...

Page 22: ... risk assessment is a multilevel iterative process The procedure is described in detail in EN ISO 12100 General principles for design Risk assessment and risk reduction This documentation can only give a very short overview on the subject of risk assessment Users of integrated safety technology are obliged to intensively study the respective standards and legal status The risk assessment carried o...

Page 23: ...EG is ensured Safety Integrity Level SIL relation between the SILs of IEC 62061 and the Performance Level PL of EN ISO 13849 1 Performance Level PL Average probability of dangerous failure 1 h PFH Safety Integrity Level SIL Risk a 10 5 10 4 b 3 10 6 10 5 1 c 10 6 3 10 6 1 d 10 7 10 6 2 e 10 8 10 7 3 Tab 4 1 Safety Integrity Level failure limit values for a safety function of a PDS SR 4 2 Product p...

Page 24: ...tics of ctrlX DRIVE The positions 20 and 21 of the type code show whether your device has been equipped with the optional module T0 Short type designation 1 2 3 4 5 6 7 8 9 1 0 1 2 3 4 5 6 7 8 9 2 0 1 2 3 4 5 6 7 8 9 3 0 1 2 3 4 5 6 7 8 9 4 0 Example X C S 1 W 0 0 5 4 A B N 0 1 N E T T 0 E C N N S 0 1 R S N 2 N N N 2 D N N Ⓐ Option 1 safety technology T0 STO Tab 4 2 Excerpt from the type code for ...

Page 25: ...ng of protective equipment in respect of approach speed of parts of the human body ISO 14119 Safety of machinery Interlocking devices associated with guards Principles for design and selection ISO 11161 Safety of machinery Integrated manufacturing systems Basic requirements ISO 10218 1 ISO 10218 2 Robots for industrial environments Safety requirements Part 1 Robots Part 2 Robot systems and integra...

Page 26: ...n and two outputs for dynamization 4 4 2 Performance Time response and reaction times The reaction times of integrated safety technology of the optional safety technology module T0 are as follows Selection of the STO safety functions i e transition from normal operation bb Ab Deselection of the STO safety functions i e transition to normal operation bb Ab ctrlX DRIVE with T0 option up to 18 ms pre...

Page 27: ...für Arbeitsschutz der DGUV IFA Institute for Occupational Safety and Health of the German Social Accident Insurance IFA There you can download the SISTEMA software free of charge Your advantages Quickly calculating the Performance Level Easily and quickly accessing safety characteristics Safety characteristics for certified components 4 5 2 Optional safety technology module T0 Drives equipped with...

Page 28: ...alculation 1 External component Fig 4 2 Determining the PFH for a safety zone To calculate the PFH value of a safety zone a valid PFH value has to be available for all components which have an influence on the safety function if necessary procure the PFH value from the component manufacturer PFHsafety zone PFHselection_discrete 1 PFHaxis_1 PFHaxis_2 PFHaxis_n 1 External component The following con...

Page 29: ...During operation the safety functions are monitored by the drive system For this purpose measures for detecting static error states were implemented in the system Dual channel structure Comparison of the states of both channels Dynamization of static states These measures ensure that a single error cannot cause the safety functions to be lost The installation or machine manufacturer has to determi...

Page 30: ...tion When the safety functions are selected via an active safety unit the dynamization pulses of the OSSD outputs of the active safety unit are evaluated and monitored Therefore other dynamization signals are not required The active safety unit must detect the following errors via its OSSD outputs Short circuit of one or both selection signals with 24 V Short circuit between both selection signals...

Page 31: ...ec tion via passive safety units A passive safety unit is a safety switching device with which the safe function is selected via isolated contacts When the safety functions of the T options are selected via a passive safety unit the drive checks the wiring of the selection When the safety functions are selected via a passive safety unit the drive generates the dynamization pulses and makes them av...

Page 32: ...T option Fig 5 4 Dynamization in the case of selection via a passive safety unit A safety zone cannot contain more than 25 drives with an optional safety technology module T0 If more than 25 drives are to be operated at a safety unit multiple safety zones have to be set up 26 65 Functional principle of integrated safety technology ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rex...

Page 33: ... deceleration Lethal injury and or property damage caused by unintended axis motion WARNING If external force influences are to be expected with the safety function Safe torque off e g in the case of a vertical axis this motion has to be safely prevented by additional measures e g a mechanical brake or a counterweight For such axes Bosch Rexroth recommends using the Safe braking and holding system...

Page 34: ...dynamization outputs are available at the standard outputs of the drive For pin assignments and technical data please refer to the chapter Project planning The safety function Safe Torque Off includes the following topics that are described in detail below Dynamization Requirements on the command value input Selecting the safety function Safe Torque Off Dynamization Dynamization is to detect stati...

Page 35: ... category 0 according to EN 60204 1 If the safety function Safe Torque Off is selected with drive enable having been set the safety function is executed while a diagnostic message is generated at the same time because the drive first has to be decelerated before the safety function is allowed to be activated Via the configuration of Safe Torque Off P 0 0101 select how the drive is to react if the ...

Page 36: ...l brake or a counterweight For such axes Bosch Rexroth recommends using the Safe braking and holding system Injury and or property damage caused by deviation from standstill position WARNING Even if power section control has been safely locked momentary axis motion depending on the number of poles of the motor can be triggered when two errors are occurring simultaneously in the power section with ...

Page 37: ...t the passive safety unit complies with the safety level the application requires 7 1 1 STO function in the case of selection via passive safety units Dual channel wiring Fig 7 1 STO function with dual channel wiring for single axis devices and passive safety unit The assignment of the dynamization signals can be selected as desired ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE 31 65 E...

Page 38: ...or multi axis devices e g XMD and passive safety units the wiring as illustrated above has to be implemented as a safe wiring This is necessary to exclude short circuit between lines supplied by the same dynamization output 32 65 Examples of application ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 39: ...to be made Short circuits with other potentials Short circuit with 24 V Short circuit with ground See also EN ISO 13849 2 2012 table D 4 In the case of single channel wiring between the passive safety unit and connector XG41 of the T0 option the internal structure of the passive safety unit too has to meet the requirements of the safe wiring Application engineers are free to choose any dynamizatio...

Page 40: ... outputs Short circuit of the selection signals with 24 V Short circuit between the two selection signals Fig 7 4 STO function with active safety unit plus plus switching outputs Single channel wiring When the safety function is selected via a safety unit the short circuit with 24 V has to be detected by the OSSD output 34 65 Examples of application ctrlX SAFETY Safe Torque Off Safety Option in ct...

Page 41: ...e following fault exclusions have to be made Short circuits with other potentials Short circuit with 24 V Short circuit with ground See also EN ISO 13849 2 2012 table D 4 In the case of single channel wiring between the active safety unit and connector XG41 of the T0 option the OSSD output has to be designed with serial redundancy according to SIL3 ctrlX SAFETY Safe Torque Off Safety Option in ctr...

Page 42: ...ssive first has to decelerate the drive via the E Stop function or the NC stop of the control unit and select the STO function after a fixed time that has been set is over The selection always has to take place after the time that has been set independent of the axis state Fig 7 6 SS1 function with dual channel wiring and passive safety unit 36 65 Examples of application ctrlX SAFETY Safe Torque O...

Page 43: ... of zone setup in this case 2 ctrlX DRIVE in a safety zone with dual channel wiring and passive safety unit ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE 37 65 Examples of application R911383774_Edition 03 Bosch Rexroth AG ...

Page 44: ...38 65 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 45: ...he safety factor and the sizing are application specific and have to be defined by the plant or machine manufacturer For the maximum gearbox input torque too a safety factor in relation to the maximum motor torque has to be taken into account This also applies to motor gearbox combinations by Bosch Rexroth See also documentation of the respective gearbox In the case of error injury and property da...

Page 46: ...ing the Safe Torque Off function requires the optional safety technology module T0 The following devices have been equipped with the optional safety technology module T0 Single axis converter XCS1 W0 A T0 Single axis inverter XMS1 W0 A T0 Double axis inverter XMD1 W A T0 For pin assignments and technical data of the optional safety technology module T0 please refer to the Appendix XG41 safety tech...

Page 47: ...rs before they start working at the machine with integrated safety technology are instructed by qualified staff of the company operating the machine The operating company of the machine is responsible for the instruction 8 4 Commissioning procedure 8 4 1 Overview The Safe Torque Off function for the ctrlX DRIVE system is preferably commissioned using the IndraWorks commissioning software or manual...

Page 48: ...comes active or not Step 1 Connecting and wiring the Safe Torque Off function The connection and wiring of the Safe Torque Off function depends on the option used to make the selection at the drive The Examples of application for ctrlX DRIVE chapter shows the different options of selection and wiring The inputs and outputs at the connector XG41 of the optional safety technology module have to be w...

Page 49: ...rameterized for Reaction in special mode when external drive enable already set The corresponding parameter is P 0 0101 Configuration STO The Diagnostic message output field is used to limit the error output in the operating mode OM after the initialization of the axis and before drive enable is set for the first time For this purpose select Limited diagnostic message If the optional safety techno...

Page 50: ... safety function is selected via the control unit the selection at least has to comply with the required safety level of the application If the safety function is selected via isolated selection contacts passive safety unit it has to be ensured that the test pulses described in chapter Dynamization are not inhibited or The control unit features OSSD outputs active safety unit and has to monitor th...

Page 51: ... in conjunction with the diagnostic system S 0 0095 Diagnostic message S 0 0390 Diagnostic message number S 0 0390 0 136 Detailed diagnostic message P 0 0006 Diagnostic message configuration S 0 1303 0 1 Diagnostic trace configuration S 0 1303 0 2 Diagnostic trace control S 0 1303 0 3 Diagnostic trace state S 0 1303 0 10 Diagnostic trace main diagnostics S 0 1303 0 11 Diagnostic trace system time ...

Page 52: ...allowed for the safety relevant evaluation The parameter P 0 0106 Operating status STO makes available binary status signals for online monitoring of the safety technology states Via this status word the individual status signals can be optionally programmed to existing real time bits of the master communication or hardware I Os or I O extensions Description of the status display dialog in IndraWo...

Page 53: ...n completed i e the drive has stopped velocity 0 2 The cause of the error was removed 3 The error message was cleared by the error clearing command C0500 S 0 0099 4 The drive is in the operating mode again and power has been switched on Ab 5 Drive enable has been switched back on positive edge In case non fatal safety technology errors occur repeatedly contact our service department since operatin...

Page 54: ...ble With the corresponding power supply configuration P 0 0118 the power supply is disconnected in the case of fatal safety technology errors Commissioning steps After a fatal error has occurred the drive controller can only be put into operation again after the following steps were carried out 1 The cause of the error has to be recognized and removed This possibly means that an entire component e...

Page 55: ...cribed in the respective Project Planning Manuals 9 5 2 Replacing the motor Lethal electric shock by live parts with more than 50 V WARNING The supply unit may only be replaced by qualified personnel which have been trained to perform the work on or with electrical devices The motor should be replaced by a motor of identical type Only by doing this is it ensured that all parameter settings can rem...

Page 56: ...ine coordinate system must therefore be reestablished after replacement 9 5 3 Replacing the brake Dangerous movements Danger to persons from falling or dropping axes WARNING While the brake is replaced secure the axis by a blocking device or by moving the axis to a safe end position The same type of brake must be used after replacement 50 65 Troubleshooting information ctrlX SAFETY Safe Torque Off...

Page 57: ...g affects the safety of the installation Furthermore the impact and hazard analysis must contain a risk assessment of the process of decommissioning On the basis of this impact and hazard analysis decommission the drive or component see also IEC 61508 1 2010 7 17 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE 51 65 Decommissioning drive components R911383774_Edition 03 Bosch Rexroth AG ...

Page 58: ...52 65 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 59: ...optional safety technology module T0 STO Safe Torque Off The declaration of conformity is also available with signatures in the English language If you have access to the Bosch Rexroth Intranet please download the declaration of conformity here Otherwise please contact our sales representative ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE 53 65 Declaration of conformity R911383774_Edit...

Page 60: ...54 65 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 61: ...namization output 6 n c 7 STO_CH2 Input for selection of channel 2 8 STO_CH2 Input for selection of channel 2 Spring terminal connector Unit min max Connection cable Stranded wire mm2 0 2 1 5 AWG 24 16 Stripped length mm 10 Tab 12 1 XG41 safety technology Safe Torque Off 12 2 Technical data of inputs and outputs 12 2 1 Digital inputs safety technology The digital inputs correspond to IEC 61131 2 D...

Page 62: ...between two test pulses on both channels φ ms not specified Tab 12 3 Time behavior 12 2 2 Digital outputs safety technology The digital outputs are compatible with digital inputs IEC 61131 2 56 65 Project planning ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 63: ...Wiring error with short circuit between the two channels Internal errors In the case of an error the control panel shows the corresponding error message F830x F3134 1 At a maximum switching frequency of 1 Hz 2 In the case of inductive loads with currents 200 mA or in the case of inductive loads with a greater energy content an exter nal free wheeling arm has to be installed The effective termi nal...

Page 64: ...se width tPL μs 400 Periodic time TP ms 500 Phase shift between two test pulses on both channels φ 180 Tab 12 5 Time behavior 58 65 Project planning ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 65: ...ditional information on service repair e g delivery addresses and training can be found on our internet sites Service worldwide Outside Germany please contact your local service office first For hotline numbers refer to the sales office addresses on the internet Preparing information To be able to help you more quickly and efficiently please have the following information ready Detailed descriptio...

Page 66: ...60 65 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE Bosch Rexroth AG R911383774_Edition 03 ...

Page 67: ...ion 1 Notations 1 Motor Replacing 49 N Normal operation 15 O Overview of the safety function 27 P PELV 10 Performance Reaction times 20 Time response 20 PFH value Safe Torque Off 21 Productive operation 15 Protective extra low voltage 10 R Reaction times 20 Removing malfunctions 48 Replacing Motor 49 Requirements Motors 41 Optional measuring systems 41 Third party motors 41 Risk assessment 16 Risk...

Page 68: ...ctrlX DRIVE 41 Controller configuration 40 Technical data Digital inputs 55 Digital outputs safety technology 56 Time response 20 U Unintended use 4 Consequences disclaimer 3 Use Intended use 3 Unintended use 4 X XG41 Safe Torque Off 55 62 65 Index ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE ...

Page 69: ...Notes ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE 63 65 ...

Page 70: ...Notes 64 65 ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE ...

Page 71: ...Notes ctrlX SAFETY Safe Torque Off Safety Option in ctrlX DRIVE 65 65 ...

Page 72: ...xroth AG P O Box 13 57 97803 Lohr a Main Germany Bgm Dr Nebel Str 2 97816 Lohr a Main Germany Phone 49 9352 18 0 Fax 49 9352 18 8400 www boschrexroth com electrics R911383774 R911383774 DOK XDRV SI TX AP03 EN P ...

Search results

Summary of Contents for Rexroth ctrlX SAFETY

Reviews:

Related manuals for Rexroth ctrlX SAFETY

Brands by name

Popular brands

Bosch Rexroth ctrlX SAFETY, Applications Manual

Search results

Summary of Contents for Rexroth ctrlX SAFETY

Reviews:

Related manuals for Rexroth ctrlX SAFETY

Brands by name

Popular brands